ECM Mail Server System for OSX Server 10.3* (Panther)

MySql • Exim • Exiscan • CourierIMAP • SpamAssassin • Clam AntiVirus

Download the following packages:

Follow steps 1 through 5 before installing all of these packages!

Exim-MTA 4.51
(contains Exim Startup files)

Courier-IMAP 3.0.8
(contains IMAP and POP Startup files)

SA Startup
(contains SpamAssassin startup and config files)

Clam AntiVirus 0.87
(includes Startup files)

GMP 4.1.4 and zlib-1.2.2.
(Both necessary for ClamAV)

MailAdmin (Rev. 12-19-04)

These packages will install the following folders:

/usr/exim
/usr/courier-imap
/usr/clamav
/Library/StartupItems/Exim
/Library/StartupItems/IMAP
/Library/StartupItems/POP
/Library/StartupItems/ClamAV

Some older versions are still available for download.

1. Exim-MTA (contains exiscan-acl patch)

You have to make sure that no other smtp or pop/imap server is running on your computer.

1. Remove Postfix start-up folder... from /System/Library/StartupItems/Postfix

2. Edit /private/etc/watchdog.conf and comment out two lines near the bottom:

#postfix:respawn:/usr/libexec/postfix/master # Mail services - SMTP
#cyrus:off:/usr/bin/cyrus/bin/master # Mail services - IMAP & POP:SA2

Log in as root in your terminal and create a system user for Exim.

niutil -create . /users/exim
niutil -createprop . /users/exim uid 88
niutil -createprop . /users/exim gid 20
niutil -createprop . /users/exim passwd '*'
niutil -createprop . /users/exim realname 'Exim_User'

This will make exim look like sendmail for other apps like php, perl ...

mv /usr/sbin/sendmail /usr/sbin/sendmail.original
ln -s /usr/exim/bin/exim-4.51-1 /usr/sbin/sendmail
ln -s /usr/exim/bin/exim-4.51-1 /usr/bin/sendmail

(Exim is based on these build instructions)

2. Courier-IMAP

Create Courier user and group with uid=100 gid=100.

niutil -create . /groups/courier
niutil -createprop . /groups/courier gid 100
niutil -createprop . /groups/courier realname 'courier'

niutil -create . /users/courier
niutil -createprop . /users/courier uid 100
niutil -createprop . /users/courier gid 100
niutil -createprop . /users/courier passwd '*'
niutil -createprop . /users/courier realname 'courier'

Open the hostconfig file and add the following line:

open -e /private/etc/hostconfig

IMAPSERVER=-YES-

Turn off the "sticky bit" on /private/var/mail:

chmod -t /private
chmod -t /private/var
chmod -t /private/var/mail

and set the owner of the "mail" folder to "courier" and its group to "courier".

chown -R courier /private/var/mail
chgrp -R courier /private/var/mail
chmod -R 775 /private/var/mail

DO NOT create directories for user accounts and/or domains inside mail folder. They will be created automatically upon the arrival of the first email sent to the users, listed in the mysql setup.

(Courier is based on these build instructions)

3. MailAdmin (Rev. 12-15-03)

Find "connection.inc.php" in this mailAdmin folder and replace "username","password" with your choice. It also contains a file called "email_db.sql" - move it to your home (root) directory. Move the rest of the folder to wherever you serve files via apache.

Open terminal, login as root. (I assume you do have some familiarity with MySql)

mysql -u username -p
mysql> CREATE database email_db;
mysql> use email_db;
mysql> \. /private/var/root/email_db.sql
mysql> quit
sudo apachectl graceful restart

Test it by pointing your browser to http://www.yourdomain.com/mailAdmin/
If you're able to add or delete records to all four categories then proceed to step 4.
(A demo is posted here)

4. SpamAssassin (Site-wide)

Panther ships with perl 5.8.1 RC3, multi-threads enabled. Before you can compile DBD::mysql it is necessary that you patch Apple's perl by editing "Config.pm".

open -e /System/Library/Perl/5.8.1/darwin-thread-multi-2level/Config.pm

replacing ld='MACOSX_DEPLOYMENT_TARGET=10.3 cc'
with ld='env MACOSX_DEPLOYMENT_TARGET=10.3 cc'

If you don't already have it installed, you're going to need Apple Developer Tools (Xcode).
It comes with Panther server, or it can be downloaded free by simply joining ADC. (Joining is also free.)

sudo perl -MCPAN -e shell

If this is the first time you start up the CPAN shell, you will have to configure it, then continue by installing the following modules.

install Bundle::CPAN
install HTML::Parser
install Net::DNS
install Bundle::DBI

DBD::mysql requires a running mysql server with open write permissions and a database called "test". If you're not successful via CPAN, you can install DBD-mysql manually from source code.

install DBD::mysql
install Mail::SpamAssassin
quit

5. Clam AntiVirus

Create user and group - uid 200 and gid 200, then download, configure and install Clam AV. Make the password "*" so that no one can log into the system as this user.

niutil -create . /groups/clamav
niutil -createprop . /groups/clamav gid 200
niutil -createprop . /groups/clamav realname 'clamav'
				
niutil -create . /users/clamav
niutil -createprop . /users/clamav uid 200
niutil -createprop . /users/clamav gid 200
niutil -createprop . /users/clamav passwd '*'
niutil -createprop . /users/clamav realname 'clamav'

ClamAV requires that you install GMP and zlib. You can find a link to download GMP and zlib with the rest of the packages.

(ClamAV is based on these build instructions)

6. Configure files

EXIM: Open exim "configure" file to edit the following two lines:

open -e /usr/exim/configure

hide mysql_servers = localhost/dbname/username/password

primary_hostname = mail.yourcompany.com

To bounce messages that SpamAssassin scores above a certain number of points, uncomment the following three lines in the exim configure file and set the reject value "{100}" in the condition to whatever you desire. (The value is the score multiplied by ten. Example: if you want to bounce spam at 7.8, then you multiply it by ten, which results in {78}.)

# deny message = This message scored $spam_score points. Congratulations!
# spam = nobody:true
# condition = ${if >{$spam_score_int}{200}{1}{0}}

Exim "configure" file example.

COURIER: Open courier "authmysqlrc" file to edit the following lines near the top:

open -e /usr/courier-imap/etc/authmysqlrc

MYSQL_SERVER localhost
MYSQL_USERNAME username
MYSQL_PASSWORD secret

SPAMASSASSIN: Open the SpamAssassin "local.cf" file and edit the following lines near the top (namely the username and password that your mysql will need to run mailAdmin):

open -e /etc/mail/spamassassin/local.cf

user_scores_dsn DBI:mysql:email_db:localhost
user_scores_sql_username username
user_scores_sql_password password
user_scores_sql_table userpref
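
The three files edited in this step, plus the authmysqlrc copy made later for SqWebMail, now hold the MySQL password in clear text. The script below is an added example, not part of the original guide: it reports which of those files are readable or writable by "other" local users and whether Exim's mysql_servers line is missing its "hide" prefix. Treating world access as a finding is this example's assumption, and the function names are its own.

```shell
#!/bin/sh
# Added example (not from the original guide): flag config files from this
# guide that hold the MySQL password and are accessible to "other" users.

# File paths and option names are the ones this guide edits.
SECRET_FILES="/usr/exim/configure
/usr/courier-imap/etc/authmysqlrc
/etc/mail/spamassassin/local.cf
/usr/share/sqwebmail/authmysqlrc"
SECRET_KEYS='^[[:space:]]*((hide[[:space:]]+)?mysql_servers|MYSQL_PASSWORD|user_scores_sql_password)'

# Prints one finding per line for a single file; prints nothing if it is clean.
check_secret_file() {
    f=$1
    [ -f "$f" ] || { echo "MISSING $f"; return 0; }
    # Skip files that do not actually set one of the credential options.
    grep -Eq "$SECRET_KEYS" "$f" || return 0
    # find -perm -NNNN matches when those bits are set (BSD and GNU find).
    [ -n "$(find "$f" -prune -perm -0004)" ] && echo "WORLD-READABLE $f"
    [ -n "$(find "$f" -prune -perm -0002)" ] && echo "WORLD-WRITABLE $f"
    # Exim only: without "hide", "exim -bP" prints the value for non-admin users too.
    grep -Eq '^[[:space:]]*mysql_servers' "$f" && echo "NO-HIDE-PREFIX $f"
    return 0
}

# With no arguments, audit the guide's default list; otherwise the given paths.
audit_secret_files() {
    [ $# -gt 0 ] || set -- $SECRET_FILES
    for f in "$@"; do check_secret_file "$f"; done
}

audit_secret_files "$@"
```

Run it as root so every file can be read; no output for a file means no finding.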

7. RESTART COMPUTER - Testing

At this point everything should be working. Just set up an account and check. To log in via email client apps you must use the full email address as the username, and the client must be capable of, and enabled for, SMTP authentication.

If you need more testing...

Here are the tests to see if everything is working (from your terminal):

telnet localhost 25

If everything is OK, telnetting to localhost 25 should respond with

Connected to localhost.
Escape character is '^]'.
220 maxo ESMTP Exim 4.24 Sat, 15 Nov 2003 07:41:39 -0800

And now we can test POP and IMAP one after the other:

telnet localhost 110

If everything is OK, something like this will appear:

Connected to localhost.
Escape character is '^]'.
+OK Hello there.

telnet localhost 143

* OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE STARTTLS] Courier-IMAP ready. Copyright 1998-2003 Double Precision, Inc. See COPYING for distribution information.

All logs are visible through Console app, however they are located as indicated below.

Courier-imap/SpamAssassin: /var/log/mail.log

Exim: (If you don't see "reject.log" or "panic.log", it's probably because exim hasn't rejected anything "yet".)

/var/spool/exim/log/exim_main.log
/var/spool/exim/log/exim_panic.log
/var/spool/exim/log/exim_reject.log

ClamAV: /var/log/clamd.log
FreshClam: /var/log/clam-update.log

8. Debugging by looking at logs

How to turn on logging for MySql: It is recommended to leave it "on" only for "debugging" purposes.

open -e /System/Library/StartupItems/MySQL/MySQL

Edit line 9: "/usr/bin/mysqld_safe --user=mysql &"
to look like this: "/usr/bin/mysqld_safe --log --user=mysql &"

Use your terminal to display activity from your log file. (The name of your mysql logfile is usually your computer's hostname ending with .log on your system).

tail -f /var/mysql/localhost.log

To watch what courier is doing during activity:

tail -f /var/log/mail.log

To check on Exim in "debug" mode: (You will have to kill the current Exim process)

killall exim
/usr/exim/bin/exim -bd -q30m -d

To start Exim again manually:

/usr/exim/bin/exim -bd -q30m

To start SpamAssassin in "debug" mode: (You will have to kill the current spamd process)

/usr/bin/spamd -D -x -q -Q -L --ident-timeout=0

To start SpamAssassin manually:

/usr/bin/spamd -d -x -q -Q -L --ident-timeout=0

To start/stop IMAP/POP manually:

/usr/courier-imap/libexec/pop3d.rc start
/usr/courier-imap/libexec/imapd.rc start
/usr/courier-imap/libexec/pop3d.rc stop
/usr/courier-imap/libexec/imapd.rc stop

To start Clam AV manually (use Activity Monitor to kill any running "clamd" and "freshclam" processes):

/usr/clamav/sbin/clamd
freshclam -d -c 1 -l /var/log/clam-update.log

Test Courier authentication via terminal

cd /usr/courier-imap/libexec/authlib/
./authtest -s pop3 user@example.com password

To check Courier version installed on your computer:

/usr/courier-imap/bin/imapd --version

To check Exim version installed:

/usr/exim/bin/exim -bV

To check your ClamAV version:

/usr/clamav/sbin/clamd -V

SquirrelMail comes with OSX Server 10.3 (Panther)

Be sure to turn on WebMail via ServerAdmin on a per domain basis.

Via terminal open SquirrelMail configuration:

/etc/squirrelmail/config/conf.pl

Select "D. Set pre-defined settings for specific IMAP servers"

Type "courier" after the "Command >> " prompt

Save the new settings in the exit process and that takes care of webmail capabilities.

Just point your browser to http://yourdomain.com/webmail.

SqWebMail

This package contains the SqWebMail webmail CGI. It is substantially faster than SquirrelMail and can be installed alongside it, side by side. This CGI is used by the CourierIMAP mail server to provide webmail access to local mailboxes. SqWebMail is provided here as a separate package that can be used with other mail servers as well.

Download SqWebMail 3.6.2 and install the package. (Build instruction)

open -e /private/etc/httpd/httpd.conf

Add the following line wherever the aliases are:

Alias /sqwebmail_images/ "/usr/share/sqwebmail/images/"

sudo apachectl graceful restart

If you already installed courierIMAP from the ECM package, you can just copy the configuration file with this command:

cp /usr/courier-imap/etc/authmysqlrc /usr/share/sqwebmail

Restart your computer and point your browser to any of your domains:

http://your.com/cgi-bin/sqwebmail

Starting and stopping manually:

/usr/share/sqwebmail/libexec/sqwebmail/sqwebmaild start
/usr/share/sqwebmail/libexec/authlib/authdaemond start
/usr/share/sqwebmail/libexec/authlib/authdaemond stop
/usr/share/sqwebmail/libexec/sqwebmail/sqwebmaild stop

If you want to add calendar capabilities, just create this file:

echo "local" >/usr/share/sqwebmail/calendarmode

/usr/local/share/sqwebmail/nochangingfrom - if this file exists (it can be a 0-length dummy file), SqWebMail will not allow the From: header to be changed, it will always have its default value.

/usr/local/share/sqwebmail/usexsender - if this file exists (it can be a 0-length dummy file), SqWebMail will attach an X-Sender: header to all outgoing messages. This can be used in the event you would like to be able to modify the From: header, yet also be able to track sent mail to the original account. Although your mail server should record the id of the sending user in the headers of outgoing messages, this is not possible when you have many virtual accounts that share the same system userid.

/usr/local/share/sqwebmail/noimages - if this file exists then no images or icons will be used. The generated interface will be a text-only interface.

You MUST add a periodic cron job to run the cleancache.pl script in order to delete stale cache records from the cache directory. (/usr/share/sqwebmail/cleancache.pl)

The files are installed to /usr/share/sqwebmail. You can customize many of the HTML files directly, or through the style sheet at /usr/share/sqwebmail/images/sqwebmail.css.

RBL (Realtime Blackhole List)

I find spamhaus.org's RBL is very good at getting rid of most of my spam. In exim's configure file, uncomment the 4 lines beginning with "deny" and ending with "dnslists....".

#--------------------------------------------------------------------------------
# Uncomment the following (4 lines) if you want to check against RBL
#--------------------------------------------------------------------------------
# deny message = $sender_host_address is listed at $dnslist_domain
# hosts = !+relay_from_hosts
# !authenticated = *
# dnslists = sbl-xbl.spamhaus.org : \
#            bl.spamcop.net : \
#            dnsbl.ahbl.org
#--------------------------------------------------------------------------------

Blocking IPs from smtp service

/usr/exim/reject-hosts.txt

This file is used for locking out email by IP number.
You can list individual IPs or a block (one entry per line).
157.238.186.133 (157.238.186.133 only)
157.238.186.0/24 (range of 157.238.186.0 to 157.238.186.255)
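
A mistyped entry in this file can block far more (or less) than intended. The script below is an added example, not part of the original guide: it validates each entry and prints the address range it covers, reproducing the two ranges shown above. The function names and the "host bits set" warning are this example's own.

```shell
#!/bin/sh
# Added example (not from the original guide): show what each
# reject-hosts.txt entry (IPv4 address or address/prefix) actually blocks.

# Dotted quad -> integer; returns 1 for anything that is not a plain IPv4 address.
ip_to_int() {
    case $1 in ''|*[!0-9.]*|*.) return 1;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        case $o in ''|0?*|????*) return 1;; esac   # empty, leading zero, too long
        [ "$o" -le 255 ] || return 1
    done
    echo $(( ($1 << 24) + ($2 << 16) + ($3 << 8) + $4 ))
}

int_to_ip() {
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# One entry -> "ENTRY blocks FIRST-LAST", or "INVALID ENTRY".
describe_entry() {
    addr=${1%%/*}; len=32
    case $1 in */*) len=${1#*/};; esac
    case $len in ''|*[!0-9]*|0?*|???*) echo "INVALID $1"; return 0;; esac
    base=$(ip_to_int "$addr") && [ "$len" -le 32 ] || { echo "INVALID $1"; return 0; }
    size=$(( 1 << (32 - len) ))
    first=$(( base & ~(size - 1) ))      # clear the host bits
    note=""
    [ "$first" -eq "$base" ] || note=" (host bits set, check for a typo)"
    echo "$1 blocks $(int_to_ip "$first")-$(int_to_ip $(( first + size - 1 )))$note"
}

# Every non-blank line of the file, one entry per line as the guide specifies.
describe_file() {
    while read -r entry rest || [ -n "$entry" ]; do
        [ -n "$entry" ] && describe_entry "$entry"
    done < "$1"
    return 0
}

# With a file argument, check that file; otherwise use the guide's two sample entries.
if [ $# -gt 0 ]; then describe_file "$1"; else
    describe_entry 157.238.186.133; describe_entry 157.238.186.0/24
fi
```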

* Installing downloaded binaries will probably work on OSX Client but I did not test it.
  Building your own on OSX client will require additional steps that are not described above.


- by George Szekely